
betterunixthanunix writes "A mortgage-fraud case may have widespread implications for criminals who use cryptography to hide evidence. The US Department of Justice is pushing for the defendant to be forced to decrypt her hard drive, claiming that if they cannot force such decryptions, law enforcement will be unable to gather important evidence. The defendant's lawyer and the Electronic Frontier Foundation have made the claim that forcing such a decryption would be a violation of the defendant's fifth amendment right not to self-incriminate. The prosecutor in the case has insisted that the defendant would not be forced to disclose her passphrase, but only to enter the passphrase into a computer to decrypt the drive."

Do they have to show cause first or is this a new tool in the arsenal of the TSA?

You guys need to get your government departments straight. This is NOT the TSA. The TSA are the ones at Fargo International Airport who x-ray your flip-flops and make sure you're not taking nail clippers onto an airplane. They're not tasked with searching your laptop - They're only tasked with X-raying your laptop and your kid's teddy to make sure there isn't a bomb inside. If they suspect criminal activity they have to call the police.

The US CBP (Customs and Border Protection) *do* have the right to search the contents (i.e. files) of your laptop when you are entering the USA. They can search your laptop, search your luggage and search your person. In the same way they can require you to open a locked box that you might be travelling with, they can require you to open your 'locked' laptop. The courts have backed them up - See:
http://news.cnet.com/8301-13578_3-10172866-38.html [cnet.com]

Wrong, in the general sense. The courts can force you to reveal your passwords, only in cases where they can already show that the encrypted data contains something illegal. They do NOT have the right to force you to reveal your password or decrypt your data just so they can find "evidence".

The article you point to in that link failed to emphasize that the customs agents had already seen child pornography that was contained in his encrypted data. Therefore, they already knew that there was illegal material in it.

The courts have NOT supported forcing someone to reveal encrypted data under any other circumstances.

To clarify this point: if somebody (say a couple of undercover detectives, for example) SAW you put known contraband in your safe, then a court can force you to open that safe. If, on the other hand, they don't know of anything illegal in that safe, but only THINK there may be EVIDENCE of something illegal contained in your safe, the 4th Amendment prevents them from undertaking such a "fishing expedition", merely to try to find evidence.

Again, that's my point. The TSA are *not* LEOs - Even if they have nifty badges on their shirts. They're no more an LEO than the security guard outside a Wal-Mart. If they suspect a crime, they need to call over an LEO. The cop in the coffee shop is an LEO, and yes, once he had a warrant he could compel you to type in your password, in the same way he could compel you to open your safe.

Exactly! Wow, I'm deep into the comments before anyone has started talking sense! The whole article is about the legal issue as to whether or not the courts can compel you to reveal your password. The courts cannot force you to testify at your own trial, and the question here is whether disclosing your password is tantamount to testimony (IANAL).

And which court cases are those that the judge ordered them to reveal a password when they have absolutely no idea what was encrypted on the drive? I have only read about cases where they had to reveal the password when someone/a witness had already actually seen what was on the encrypted drive.

Now, that case says that he was being compelled to release a decrypted version of the Z: drive, which they had already seen exists. To me, that isn't any different than compelling someone to open a safe which is known to exist.

The obvious solution is to make it illegal for the prosecution to use any evidence they have not specifically requested to see, and which would be irrelevant to the case. I.e. if they find evidence for a different crime, it can't be used if the person first pleaded the fifth regarding the contents. So then the prosecution has a choice between (a) saying yes to getting the evidence through compelled disclosure, but knowing they can only use what's requested and not prosecute for, say, murder they discover

The Fifth Amendment wouldn't stop you from the contents of a safe for which a search warrant was obtained, so I don't see why it would be any different for an encrypted drive.

Remember, you're not being asked to incriminate yourself. You're being asked to produce an unencrypted version of a drive that is already known to exist, just like you would be asked to provide the contents of a safe that is known to exist. How you actually go about doing this (letting the DOJ crack open the safe, or giving them the password) is irrelevant.

But if you have not admitted that it is your laptop, or have not admitted that the encrypted file is yours or that you know the password, then they are asking you to divulge information - perhaps not the password itself, but the information that you know the password, that the data is yours. You cannot be forced to testify to any of these facts. This is why you should not say anything at all when asked questions by government officers, even if the questions seem harmless. (Don't lie, either - that is a cr

There is the big difference. You didn't have to do or say anything. Same for, say, a blood sample or DNA sample. You don't have to do (or say) anything to provide it. They do all the work. But in forcing you to decrypt, they are forcing you to take action against yourself. That's self-incrimination, and that's a violation of the fifth amendment.

Not that it will help much when most judges think they are above the law. Case in point. [tinyurl.com]

If it's anything like the movies, a search warrant allows police to search property by any means necessary. So no, they can't force you to open a safe, but they can certainly force the safe open (which, for a safe almost any private citizen can afford, is not terribly challenging.) The thing about encryption is that it isn't so much a "safe", it's more analogous to a private citizen having their own moon on which to store valuables. Getting access to it isn't a matter of will, it's a matter of effort (years and years of crunching, even for a massive supercomputer.) As long as the only way to unlock the encryption is in your head, they can't legally force it out.

If it's anything like the movies, a search warrant allows police to search property by any means necessary

Actually, if it is anything like the movies, a quirky, slightly overweight, but cute computer genius that works for the feds will type 4 or 5 keystrokes, then the computer will flash lots of semi garbled text while emitting cute little beeps for 10 or so seconds until the encryption is broken.

That pesky constitution is why. For that matter, the supreme court has already ruled on this issue. In the US you cannot be forced to give up a password. The DOJ can bitch all they want, but it's already a settled issue.

The fact that a judge can hold you in contempt doesn't mean what the court ordered is Constitutionally permissible. A sufficiently power-mad or "law-and-order" judge might order you to testify against yourself in the most explicitly unconstitutional fashion and then clap you in jail for pleading the Fifth, and you'd be there in jail until someone took the case to a higher authority (perhaps a Habeas Corpus appeal?).

Being jailed for contempt doesn't last forever in the real world. Once it's clear it's not going to be forced, that's the end of being jailed. I'm not sure where you got "seize all your assets", as I've never heard of that happening, even in cases where the witness gets chained because they lunged at the judge (you see some odd things working at a courthouse). Not related to contempt charges for lack of testimony, at any rate.

That said, the whole question here is if you can be forced to give up your password. If not (if it's like a safe combination or the location of a storage unit), then there is no "crime of failing to give up your password". No judge can compel you to give it up. If they can't access it, they can't have it. Plain and simple. The question here is if a password falls under something that can be compelled, like a warrant to be able to walk into your bedroom and search because somebody said they saw you hide something in there (i.e., with cause), or if it's something more akin to compelling somebody to tell you where you put something, which the court can't do.

You don't know that the safe combination itself is non-incriminating, that's an assumption. A lot of safes have self-setting combinations, what if I set my combo to be my decryption password??? And to be clear, no one can be FORCED, they can only be asked. Have we forgotten about 'the right to remain silent'?

With regards to encryption it's an old problem that's solved by using multiple pass keys; the one you hand over decrypts something reasonably embarrassing like your tranny porn collection, while the real key decrypts the actual material you want to hide.

So trying to force people into divulging encryption keys is just asinine; it will merely lead to widespread adoption of readily available methods to defeat it while failing to accomplish the desired goal.

If you invoke the Fifth in a criminal case, discussion STOPS. On the spot and there is NO further questioning allowed. Regardless of whether it's a State or Federal Court, per the Fourteenth Amendment and the Fifth.

If you invoke the Fourth and can PROVE that they violated that one, Case DIES on the spot. No further discussion, all evidence that stems from the improper warrant action must be discarded and is forever usable. Again, this is regardless of whether it's a State or Federal Court.

Now...what remains is whether this court deems the forcing you to decrypt things is a violation of the Fifth. Personally, I see it as being so. It's making you potentially incriminate yourself- which is PRECISELY what the Amendment was intended to prevent. It's irrelevant what form that self-incrimination takes. If they don't "see" it that way, you can bet your bottom dollar it'll be appealed right up to the Supreme Court because it's just that- a direct violation of the Fifth as much as forcing testimony out of you on the stand or in a police interrogation room.

Much of the discussion has been about what analogy comes closest. Prosecutors tend to view PGP passphrases as akin to someone possessing a key to a safe filled with incriminating documents. That person can, in general, be legally compelled to hand over the key. Other examples include the U.S. Supreme Court saying that defendants can be forced to provide fingerprints, blood samples, or voice recordings.

That sounds like a rather spot on analogy. Sounds like precedent is against her. The argument that the passphrase, itself, is the incriminating self-testimony seems really weak, both because the passphrase is not being required, and because the passphrase is not, in the end, what will incriminate her.

On the other hand, decrypting data amounts to interpreting evidence for the prosecutor. Suppose the defendant had been using secret code words, known only to her and her co-conspirators; should the prosecutor have the right to compel her to explain those code-words? What makes AES any different, other than the fact that it is a well-designed and difficult to crack cipher?

The argument that the police will be unable to gather evidence if criminals use encryption is just as weak, considering the techniques they have developed for defeating such measures:

Let's say I've written my incriminating evidence in Klingon. The prosecutor doesn't have access to anyone who can read Klingon. Does he have the right to force me to translate said evidence for him?

Similarly, encryption translates English text (this is the US we're talking about) into "mumbo jumbo". How does forcing me to translate the "mumbo jumbo" into English differ from the Klingon scenario above?

Me too, but EFF's perspective is also useful, and forms a valuable distinction:

The Fifth Amendment generally protects a person from being compelled to give testimony that would incriminate her. United States v. Hubbell, 530 U.S. 27, 34 (2000) (Hubbell I); Fisher v. United States, 425 U.S. 391, 408 (1976). The privilege is limited to testimonial evidence, or a communication that "itself, explicitly or implicitly, relate[s] a factual assertion or disclose[s] information." Doe v. United States, 487 U.S. 201, 210 (1988) (Doe I). Put a different way, the privilege protects the "expression of the contents of an individual's mind."

(Quote from EFF's amicus brief, emphasis mine)

So, while you can be compelled to surrender a physical object (the key to the safe, in the previous analogy), the 5th Amendment is specifically about something in your mind.

If the "locked safe" in the previous analogy is not locked, but hidden, can a defendant be compelled to disclose its location?

As to the DoJ's "end run" based on the principle "don't tell us, just type it into the computer".... would the 5th Amendment not apply if a defendant is compelled to type self-incriminating testimony into a computer instead of speaking it to a law-enforcement officer?

> "So, while you can be compelled to surrender a physical object (the key to the safe, in the previous analogy), the 5th Amendment is specifically is about something in your mind."
So, what you're saying is that the DOJ can compel someone to hand-over the key to a safe, but if that same exact safe had a combination lock, then the DOJ would be powerless because they can't ask you for the numerical combination that would open it? Seems like a bizarre distinction.

If it's a combination lock the DoJ is free to hire a locksmith to open it up. They are trying to do an end run because opening it up is an expensive and long process. They have the data; they are free to attack the crypto. Fact is it could be decades before they do that successfully.

We have swung way too far into the government's need for info. The end runs around spousal protections for the mob cases were the start of the landslide (you're supposed to be able to confide in your spouse similar to doctor/lawye

Being required to enter the passphrase into a computer that the DoJ controls is exactly the same as being required to give your passphrase to the DoJ. There's no difference. Hell, what it boils down to is: Don't give me your passphrase; just enter it into this computer which I control. How many Slashdotters would balk at that? Hopefully most of them.

There are any number of ways that the DoJ could get your passphrase if they wanted it, and were permitted to demand that you enter it onto their computer - a ke

That sounds like a rather spot on analogy. Sounds like precedent is against her.

Did you read the next paragraph? They gave a number of precedents that were for her.

The point is that this could go either way, and the story did try to give both sides.

The argument that the passphrase, itself, is the incriminating self-testimony seems really weak, both because the passphrase is not being required, and because the passphrase is not, in the end, what will incriminate her.

IANAL, of course.

Traditionally, defendants have not been required to assist in any manner in building the legal case against them. Giving up the password assists.

Your home can be searched (with a warrant) without your assistance. Your brain cannot -- at least not yet. (And be very afraid of what the courts might rule if we ever do have the technology to re

I've always thought of the 5th as a way to prevent fishing expeditions where a prosecutor just keeps questioning you until they find something, anything, to prosecute you on.

Forcing a password is a lot like requiring someone to answer questions for hours, days, even weeks. If you don't securely wipe your HD or mount a VM every time you surf is it possible that maybe some illegal grainy thumbnail image got left behind? Sure it is possible, maybe it was weeks ago when you were searching and clicking dozens,

...mostly because of the worst abuse of passwords: She probably uses that password elsewhere and having the information in the public domain could potentially lead to more of her life being exposed than what's required for the case.

The prosecutor in the case has insisted that the defendant would not be forced to disclose her passphrase, but only to enter the passphrase into a computer to decrypt the drive."

That would still seem to violate the 5th amendment. The relevant text is bolded below:

No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.

She's not being compelled to be a witness against herself... The hard drive is a piece of evidence that is in effect a "witness" against her.

It's like you're hiding a dead body in the trunk of your car... and you've modified it with a special lock that cannot be forced. This is the equivalent of them getting a warrant on searching your car, and you being forced to come up with a key.

No. Your analogy is part of the problem. The DOJ and Feds have subverted the concept of innocent until proven guilty into If you're not doing anything wrong, then you shouldn't have anything to hide.

By setting up your analogy with the statement that there is a dead body in the trunk, you've already presumed guilt, nothing any civilized society should be doing.

What kind of a crime can be committed where the only access to incriminating evidence lies in the mind of the accused? We're entering a dangerous era of thought-crime. Why doesn't the DOJ just apply some random permutation on the data so that it generates some unrelated and arbitrary but incriminating documents?

TL;DR - Law enforcement should either do better detective work to find evidence without relying on the accused to provide it, or save taxpayer money, cut the whole "democracy" shenanigans, and just use false or forced confessions.

It's like you're hiding a dead body in the trunk of your car... and you've modified it with a special lock that cannot be forced. This is the equivalent of them getting a warrant on searching your car, and you being forced to come up with a key.

Actually, it's not quite. RTFA, because they are not insisting that she provides the key to unlock the car/hard drive, instead, they are providing the option that she can type in her password, (keeping the passphrase secret) to unlock the drive and then allow acces

You have already concluded there is a "body" - and therein lies the problem.

Much of the discussion has assumed the guilt of the accused. The correct principle is presumption of innocence. The accused should not be compelled to provide assistance, especially to parties who are already looking to convict.

It's not like the Prosecution wants to find proof of innocence. It's better for them to secure the conviction

There is no such thing as a physical lock that cannot be forced. Warrants don't force you to give a key up, they give cops permission to do whatever is necessary to search. I don't see how a warrant requires anyone to help the police do their work. Anyhow, what if you don't have a key to your unbreakable lock? Should you be compelled to reveal who does? I plead the 5th... I plead the 5th... I don't know it. I don't have it. The criminal I paid has it.

Except that there is no such thing as a special lock for a trunk that cannot be forced, or bypassed. And besides that, if you can decrypt the drive then you have shown, beyond a reasonable doubt, that it is your drive. You have in effect incriminated yourself, if there is incriminating data on the drive. So even if they do not get the password, they can show a video of you decrypting the drive to the jury and say "See! Only the person who put the data on here would know the encryption key!"

If you have a safe with a combination lock, can the authorities legally require you to either tell them the combination or unlock the safe? The passphrase to allow access to an encrypted drive is equivalent to the combination of a safe, so the same rules should apply.

Sadly this is taking a leaf out of the UK's book. I say sadly, sad that we got there first on this sort of nonsense. It's a crime not to reveal passwords when required to do so. It's part of the Regulation of Investigatory Powers Act 2000 (look it up!)

If I recall someone demonstrated the stupidity of it by sending an encrypted file to the then home secretary. He was then in possession of a file that he could not possibly decrypt, but it would be a criminal offence for him not to supply the passphrase to decrypt it if required to do so. In other words, a law that he could not possibly obey no matter how much he wanted to.

Despite this demonstration of the stupidity of the act, I believe it still stands.

(Legally compel you to reveal crypto keys or render the relevant information intelligible that is. Well, you could refuse, but that's an offence obviously. Section 49 of Part III of the Regulation of Investigatory Powers (RIPA)).

"The prosecutor in the case has insisted that the defendant would not be forced to disclose her passphrase, but only to enter the passphrase into a computer to decrypt the drive."

I can see that there is a difference between forcing the disclosure of the password and being able to read something that is already decrypted, however I can't see how that wouldn't still be self-incrimination. I assume the police would either bring her to the evidence room and tell her to enter the passphrase, or they would simply demand that she deliver an un-encrypted copy of the drive. Either way they are forcing her to give up evidence that may be used to incriminate. This seems to be a seriously frightening precedent to set.

They would never be able to take someone accused of murder and say, in effect: "look, we KNOW you did it, we just lack all the evidence needed to convict. You are now ordered to show us every place you visited on the day in question, including where the body is hidden."

Or you may use a plausible deniability [truecrypt.org] system. But in doing that you may want to be reasonably sure that no data leaks [truecrypt.org] exist, or you may find yourself in an even worse position.

Here's the DOJ's FAQ [justice.gov] on their encryption policy:
Basically they are asking developers to create encryption software that has a government backdoor, and for corporations and individuals to use it voluntarily. They seem to think that:

Many criminals will use encryption that permits access by law enforcement, if that is the type of encryption that is commonly used and included in over-the-counter software

This is why anyone serious about security uses TrueCrypt or other encryption systems which have plausible deniability built in. If she was using TrueCrypt, she could give them the password they are looking for, without revealing ANYTHING about what is actually on the drive.

Or it can be an OS that is made to look like it was booted when the real one was, and erase the code that sets that up (the real OS restores it). It could just be a copy of the system parts of the real OS but not the data.

So once the technology is available to directly read someone's thoughts, I assume they will allow the same argument. You can't be forced to say what you're thinking, but you can't stop them from looking inside your head because the evidence is there.

"I don't recall" work great for Ronald Reagan. I'm sure there is precedent that it is acceptable under oath.

Second, and this is a technical solution, we need a forked compression system, where two different passwords give you two different sets of contents. Where encrypted data looks like empty space on the faux system. When the faux system is engaged, the encrypted data is destroyed. Hopefully one uses backup.

I hope the defendant doesn't give in. Personally, I'd rather sit in jail on contempt of court charges than go to big boy prison for whatever the state were investigating me for. At least with the contempt of court charges, I run the chance of becoming a cause célèbre for standing up for principles, which is way better than being convicted of a crime.

I got into an argument about this very case with my (non-American) girlfriend the other day. She honestly doesn't get the fifth amendment and assumes that anyone who invokes it is basically admitting guilt, which isn't the case. She's from central America. You would think that people down in that part of the world would have some recent memory of unjust laws. Just because something is the law, doesn't make it right, and it is better for all of us that we keep the fifth amendment intact for cases when the law is not just than to violate it just so that someone can get convicted of fraud, murder or anything else.

You seem to think the purpose of the fifth amendment is to allow the guilty to evade justice. Not so buddy. Fifth amendment is also closely related to obstruction of justice. You can not destroy evidence. You can not refuse to hand over evidence. Only thing you can do is to refuse to help the investigators decode and link the evidence. Also you get the right to any exculpatory evidence (evidence of your innocence) in the hands of the prosecution. Seen in totality, requiring the decryption of a hard disk is

Now that compelled testimony (prohibited by 5th amendment) and compelled speech which may be used to obtain evidence, have suddenly become two different things, Miranda warnings will have to be reworded.

"You have the right to remain silent," will have to change to "You have the right to withhold information which may be used against you, but do not have the right to withhold information which leads to other information which may be used against you." And that's just a first draft off the top of my head but probably still doesn't work quite right.

It's going to take a lot of lawyers working a lot of years to rewrite Miranda, I think. And somehow I doubt it'll be comprehensible when they're done.

My take on it is simply this: the knowledge they need is in the defendant's head, giving or otherwise providing that knowledge self-incriminates and thus goes against the 5th amendment.
The police can ask you where the bodies are buried but they can't make you tell them. Something in someone's head is always protected under 5th amendment laws as far as I'm concerned.

but which would you rather 'deal with' - that or the fact that they successfully stole your soul? so to speak. forcing someone to unlock their most private journal is a sign of an evil state.

I am under no obligation to comply with the illegal and unconstitutional wishes of evil leaders or states.

but you may have hit on something: if they raise the ante and sell the idea to the public that they are now 'forced' to unlock their journals, I do expect to see more 'destroy on tamper' seals on things.

tit for tat. hey gov, you really want to fight your own people in this way? re-think that, guys. this is not a fight you want with the geek population. we actually outnumber you!

How do I prevent them from adding anything to the system after it is in their possession?

If I turn over my key to the encryption I want a method to ensure that anything they use against me was put there by me, not by them afterward.

Can that be done?

After all, if they are willing to force an issue you can be sure some will make sure something is wrong. It's not like the current Administration is concerned about the rights of its citizens, they are making Bush Jr look like a staunch civil liberties advocate

You can't do much against an arbitrarily corrupt process, particularly if the corruption extends to the court of appeals or all you have is a narcoleptic public defender; but digital forensics cases are (for exactly the reason you described) typically handled fairly carefully.

The drive containing evidence will be cloned through a "hardware write blocker", a device designed and certified to ignore all ATA/SATA/SAS/SCSI/whatever commands that have the potential to modify data on the drive, and only allow re

Chain of custody. Evidence tampering isn't something that was suddenly invented after computers became popular, in case you never watched the OJ Simpson trial. Credibility of evidence is something trial lawyers know a lot about.
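For the question above about showing that nothing was added to a drive after seizure, the standard forensic control alongside a write blocker is to hash the image at acquisition and re-check every later copy against that record. The sketch below is an added example, not part of the original thread; the chunk size, function names and the in-memory "image" are constructed for illustration.

```python
import hashlib
import io

CHUNK_SIZE = 4096  # assumption: granularity of the per-chunk manifest


def build_manifest(stream, chunk_size=CHUNK_SIZE):
    """Hash a readable binary stream (e.g. a raw drive image).

    Returns (overall_sha256_hex, [sha256_hex of each chunk]). The overall
    digest proves the image is unchanged; the per-chunk digests let an
    examiner say *where* a later copy differs.
    """
    overall = hashlib.sha256()
    chunks = []
    while True:
        block = stream.read(chunk_size)
        if not block:
            break
        overall.update(block)
        chunks.append(hashlib.sha256(block).hexdigest())
    return overall.hexdigest(), chunks


def compare_manifests(reference, candidate, chunk_size=CHUNK_SIZE):
    """Compare a later copy's manifest against the acquisition manifest."""
    ref_total, ref_chunks = reference
    cand_total, cand_chunks = candidate
    changed = [
        index * chunk_size
        for index, (ref, cand) in enumerate(zip(ref_chunks, cand_chunks))
        if ref != cand
    ]
    return {
        "identical": ref_total == cand_total,
        "changed_offsets": changed,  # byte offsets of chunks that differ
        "chunk_count_delta": len(cand_chunks) - len(ref_chunks),
    }


def constructed_image():
    """Constructed sample: five 4 KiB chunks standing in for a seized drive."""
    return b"".join(bytes([value]) * CHUNK_SIZE for value in range(5))


def demo():
    """Run the check against a faithful copy, an altered copy and a grown copy."""
    original = constructed_image()
    reference = build_manifest(io.BytesIO(original))

    faithful = build_manifest(io.BytesIO(original))

    altered_bytes = bytearray(original)
    altered_bytes[3 * CHUNK_SIZE + 10] ^= 0xFF  # one byte flipped in chunk 3
    altered = build_manifest(io.BytesIO(bytes(altered_bytes)))

    grown = build_manifest(io.BytesIO(original + b"added later"))

    return {
        "faithful": compare_manifests(reference, faithful),
        "altered": compare_manifests(reference, altered),
        "grown": compare_manifests(reference, grown),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The manifest only answers the poster's concern if the acquisition record is held by someone other than the party holding the drive, for example recorded in the custody paperwork and disclosed to the defence. It covers the encrypted image as seized, so it can be produced before any key is handed over.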

Did you even bother to read anything on that link? Blaming an entire org for one or two loudmouth racists would be like saying all of us southerners like to spend our weekends lynching anybody that isn't white.

I have several friends and family that have been in the military and I can tell you they take their oath to the constitution VERY seriously. Read the link, see what they are fighting for. you'll see they simply want to uphold their original oath which wasn't to a single man but to the Constitution o

An "encrypted hard drive" or an "encrypted file" are both the same thing: a very very large number. When the government took possession of the medium that stores that number, they then permanently know it. It's a series of 1s and 0s, and they have it for sure, definitely, it can never be altered. So whatever procedure you have in mind is like saying, what if the number 8 simply decays in September. It doesn't make any sense.

new password tech: the model you have in your mind, on how to vary the password based on current date and time and the matching code in the auth-modules.

there, fixed. there isn't 'one' password anymore, it varies based on when (maybe even where, if you can pull that off). maybe even based on other things: how many times it's been booted or something. some variable that raises the bar beyond static passwords.

not needing those DES cards, but still having a varying password that is coded in your system and a

... unless someone followed even the remotest bit of common sense and made a copy of your drive before asking you to decrypt it. Trying to self-destruct the data is both futile and a VERY fast way to get either an obstruction of justice charge or get nailed with contempt of court. Better to let the lawyers fight it out.